Privacy Policy - Moderating.eu

Last updated: 8 May 2026

Our privacy philosophy

As little as possible and as safe as possible.

We collect only the personal data we actually need, use it only for clear purposes, and protect it with technical and organizational safeguards.

Our EU sovereignty commitment

We are GDPR compliant and process data as much as possible within the EU. We are actively working toward hosting all core services on EU soil, by EU companies, under EU jurisdiction.

Where an essential service is currently outside the EU/EEA, we apply GDPR-compliant safeguards (including SCCs where applicable).

Our AI policy

Our AI use follows our CARE policy principles:

  • AI supports people; it does not replace human responsibility.
  • Humans remain accountable for client-impacting decisions.
  • We minimize data shared with AI tools and avoid unnecessary retention.
  • We are moving toward EU-based AI infrastructure where feasible.

1) Scope: website visit vs requesting our services

A. Visiting our website

When you visit moderating.eu without contacting us or requesting services:

  • We process only minimal technical data needed to operate and secure the website (for example, essential logs and essential technical cookies).
  • Optional cookies (such as YouTube embeds and optional statistics) are only used with your consent.
  • If you decline optional cookies, we do not collect optional analytics/embed-cookie data from your visit.

B. Requesting our services

When you contact us, submit a form, request a quote, or otherwise engage us for services, we begin processing your personal data according to this policy for:

  • communication and project preparation
  • service delivery
  • planning, coordination, and execution
  • invoicing, accounting, and legal compliance

2) What data we process

Depending on your interaction with us, we may process:

  • contact details (name, email, phone, organization, role)
  • service and project information (briefings, schedules, event details, files)
  • financial/admin data (quotes, invoices, payment references)
  • limited technical/security data (IP, device/browser metadata, anti-abuse logs)

We do not intentionally collect special category personal data unless strictly necessary and legally justified.

3) Legal bases (GDPR)

We process personal data based on one or more of:

  • Contract / pre-contract (Art. 6(1)(b))
  • Legitimate interests (Art. 6(1)(f)) such as secure operations and service quality
  • Legal obligation (Art. 6(1)(c)) such as tax/accounting requirements
  • Consent (Art. 6(1)(a)) for optional cookies and specific optional communication

4) Data minimization and purpose limitation

We process only data that is relevant and necessary for clear, legitimate purposes. We do not sell personal data.

5) Retention

Retention depends on data type and legal requirements. In general:

  • website technical logs: limited period for security/troubleshooting
  • service/project records: as needed for delivery, quality, and legal defense
  • financial records: according to legal accounting/tax obligations
  • operational security logs: only as long as needed for security/compliance

When retention is no longer required, data is deleted or anonymized where feasible.

6) Sharing and processors

We share personal data only with necessary processors for business operations (e.g., hosting, infrastructure, database, email/calendar, backups), and only where needed.

All processors are bound by contractual and data protection obligations.

7) International transfers

If data is transferred outside the EU/EEA, we use lawful transfer mechanisms and safeguards under GDPR.

8) Your rights

Under GDPR, you have the right to:

  • access your personal data
  • correct inaccurate data
  • request deletion (where applicable)
  • restrict processing
  • object to processing based on legitimate interests
  • data portability (where applicable)
  • withdraw consent (where consent is the legal basis)
  • lodge a complaint with your supervisory authority

To exercise your rights, contact us at info@moderating.eu.

9) Cookies

We use:

  • essential cookies for core functionality/security
  • optional cookies only with consent (e.g., YouTube/statistics)

You can accept or decline optional categories in the cookie banner and change your preferences later.

10) Security

We apply layered security controls including:

  • encryption in transit
  • least-privilege access controls
  • role-based permissions
  • logging and monitoring
  • anti-abuse protections on sensitive/public endpoints

For details, see our Cyber Security Policy.

11) Policy updates

We may update this Privacy Policy from time to time. Material updates will be reflected by changing the "Last updated" date.

12) Contact

For privacy questions or rights requests:

info@moderating.eu